Add CFT OIDC authentication standard

[kremi]

Jira link

See SIDM-9281.

Change description

Added a new Authentication and authorization standard under engineering standards.
The standard says CFT services should use OpenID Connect with CFT IDAM for user authentication, while keeping authorization decisions owned by individual services.

Testing done

N/A

Security Vulnerability Assessment

CVE Suppression: Are there any CVEs present in the codebase (either newly introduced or pre-existing) that are being intentionally suppressed or ignored by this commit?

• Yes
• No

Checklist

• commit messages are meaningful and follow good commit message guidelines
• README and other documentation has been updated / added (if needed)
• tests have been updated / new tests has been added (if needed)
• Does this PR introduce a breaking change

[github-actions]

@check-spelling-bot Report

🔴 Please review

See the 📂 files view, the 📜action log, or 📝 job summary for details.

Unrecognized words (1)

PKCE

These words are not needed and should be removed

apparmor Intellij PTRACE RAWIO

To accept these unrecognized words as correct and remove the previously acknowledged and now absent words, you could run the following commands

... in a clone of the git@github.com:hmcts/hmcts.github.io.git repository
on the add-cft-oidc-auth-standard branch (ℹ️ how do I use this?):

curl -s -S -L 'https://raw.githubusercontent.com/check-spelling/check-spelling/v0.0.23/apply.pl' |
perl - 'https://github.com/hmcts/hmcts.github.io/actions/runs/27136694157/attempts/1'

Warnings (1)

See the 📂 files view, the 📜action log, or 📝 job summary for details.

⚠️ Warnings	Count
⚠️ no-newline-at-eof	1

See ⚠️ Event descriptions for more information.

---

🖊️ Please consider adding a word to the allow list if it is flagged as a spelling error but is genuinely used within the project.
🤔 Think we might see a flagged mistake in another PR in the future? Please consider adding it as an expected pattern.